Secure >
Enable WebSphere Application Server security
You can enable WebSphere Application Server security, which includes two orthogonal components: WebSphere global security and Java 2 security.
- Websphere administrative security
Enable administrative security protects the system environment including administrative console from unauthorized users. Administrative security is enabled by default in production environment. If you plan to have application security enabled, administrative security must be enabled.
- WebSphere application security
Enable WebSphere application security prevents all Enterprise JavaBeans components from being exposed to remote invocation by anyone. If you operate the WebSphere Commerce site from behind a firewall, you can disable WebSphere application security. However, you should disable it only if you are sure that no malicious applications are running behind the firewall.
- WebSphere Commerce supports Java 2 security. It is disabled by default, but enabled automatically when you enable WebSphere global security. You can, however, choose to disable Java 2 security when you enable WebSphere global security and generally configure Java 2 security and WebSphere global security independently of one another.
- Enable WebSphere global security
- Enable Java 2 security
WebSphere Commerce supports Java 2 security. It is disabled by default, but enabled automatically when you enable WebSphere global security. You can, however, choose to disable Java 2 security when you enable WebSphere global security and generally configure Java 2 security and WebSphere global security independently of one another.
Related concepts
WebSphere Commerce security model
WebSphere Commerce authentication model
Related tasks
Disable WebSphere Application Server security
Configure security for the Dynamic Cache Monitor